[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs

Tue, 23 Jan 2018 22:44:24 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
398d5bc9 by Moritz Muehlenhoff at 2018-01-24T07:43:36+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -301,25 +301,25 @@ CVE-2018-6031
 CVE-2018-6030
        RESERVED
 CVE-2018-1000016 (Jenkins Ant Plugin 1.7 and earlier failed to escape tool 
names it ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000015 (On Jenkins instances with Authorize Project plugin, the 
authentication ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000014 (Jenkins Translation Assistance Plugin 1.15 and earlier did 
not require ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000013 (Jenkins Release Plugin 2.9 and earlier did not require form 
...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000012 (Jenkins Warnings Plugin 4.64 and earlier processes XML 
external ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000011 (Jenkins FindBugs Plugin 4.71 and earlier processes XML 
external ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000010 (Jenkins DRY Plugin 2.49 and earlier processes XML external 
entities in ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000009 (Jenkins Checkstyle Plugin 3.49 and earlier processes XML 
external ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2018-1000008 (Jenkins PMD Plugin 3.49 and earlier processes XML external 
entities in ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2015-1142857 (On multiple SR-IOV cars it is possible for VF's assigned to 
guests to ...)
-       TODO: check
+       NOT-FOR-US: SR-IOV cars
 CVE-2018-6029 (The copy function in application/admin/controller/Article.php 
in ...)
        NOT-FOR-US: NoneCms
 CVE-2018-6028
@@ -351,7 +351,7 @@ CVE-2018-6016
 CVE-2018-6015
        RESERVED
 CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from 
domain="*" Flash ...)
-       TODO: check
+       NOT-FOR-US: Subsonic
 CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote 
users to ...)
        NOT-FOR-US: BigTree CMS
 CVE-2018-6012
@@ -429,7 +429,7 @@ CVE-2017-18048 (Monstra CMS 3.0.4 allows users to upload 
arbitrary files, which 
 CVE-2017-1000417 (MatrixSSL version 3.7.2 adopts a collision-prone OID 
comparison logic ...)
        - matrixssl <removed>
 CVE-2017-1000416 (axTLS version 1.5.3 has a coding error in the ASN.1 parser 
resulting ...)
-       TODO: check
+       NOT-FOR-US: axTLS
 CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function 
in ...)
        - libtasn1-6 4.13-2
        [jessie] - libtasn1-6 <not-affected> (Vulnerable code introduced in 4.3)
@@ -523,7 +523,7 @@ CVE-2018-5962 (index.php in CentOS-WebPanel.com (aka CWP) 
CentOS Web Panel throu
 CVE-2018-5961 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 
v0.9.8.12 has ...)
        NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
 CVE-2018-5960 (Zenario v7.1 - v7.6 has SQL injection via the `Name` input 
field of ...)
-       TODO: check
+       NOT-FOR-US: Zenario
 CVE-2018-5959
        RESERVED
 CVE-2018-5958 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) 
allows local ...)
@@ -535,7 +535,7 @@ CVE-2018-5956 (In Zillya! Antivirus 3.0.2230.0, the driver 
file (zef.sys) allows
 CVE-2018-5955 (An issue was discovered in GitStack through 2.3.10. User 
controlled ...)
        TODO: check
 CVE-2017-18047 (Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows 
remote FTP ...)
-       TODO: check
+       NOT-FOR-US: LabF nfsAxe
 CVE-2017-18046 (Buffer overflow on Dasan GPON ONT WiFi Router H640X 
12.02-01121 ...)
        NOT-FOR-US: Dasan GPON ONT WiFi Router devices
 CVE-2016-10709 (pfSense before 2.3 allows remote authenticated users to 
execute ...)
@@ -988,7 +988,7 @@ CVE-2018-5763
 CVE-2018-5762
        RESERVED
 CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was 
found ...)
-       TODO: check
+       NOT-FOR-US: Rubrik CDM
 CVE-2018-5760
        RESERVED
 CVE-2018-5759



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to